Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VM env req.protocol is inaccurate #1863

Closed
jas- opened this issue Dec 18, 2013 · 25 comments
Closed

VM env req.protocol is inaccurate #1863

jas- opened this issue Dec 18, 2013 · 25 comments

Comments

@jas-
Copy link

jas- commented Dec 18, 2013

When running the node.js HTTPS module using express the req.protocol is reporting http when it should be reporting https

Environment information:
Host: Ubuntu Linux jas-laptop 3.2.0-57-generic #87-Ubuntu SMP Tue Nov 12 21:35:10 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

VM s/w: QEMU emulator version 1.0 (qemu-kvm-1.0), Copyright (c) 2003-2008 Fabrice Bellard

VM Guest: CentOS Linux node.dev 2.6.32-431.1.2.0.1.el6.x86_64 #1 SMP Fri Dec 13 13:06:13 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Relevant source; app.js & server.js.

I verified that the connection between the host & guest are indeed using SSL with the following tcpdump commands:

Guest: tcpdump -ieth0 -s 1024 -l -A tcp port 3000
Results: E..^I...@... ... .......!..._.. ..@h..w...+.....~..mQ_+;..B.^...............K.vm.+.O...ic.|w.+.:.tL..A..X{.o>.....9..#.x{E...D..jUZu...Q$.....uND..C....[. ..G.E....9.. .I'..5..*M6.9.t@.....v...0...(.}.........a4..PsKtb.e?.=. .......u..r._.e;.sGQ.VXq.>..;p...q.#B.....C.1......i.8......1Q...P;3...M....6klik.L../..FO.kRu(..#.iA...XC..].F..in.3..pT.l......-J.8.F.>'t.6..e.........$.v$.g. '...f$<.b..pe#HE.1w...7'...v..jam...cOR..........KGgb( W....e.t........7.%.._..a.........-..G.m.k...7lu.O.".F....V.u...... ..
10:38:40.634548 IP 10.0.2.15.hbci > 10.0.2.2.59080: Flags [P.], seq 2488:2780, ack 5311, win 25470, length 292`

Host: tcpdump -ilo -s 1024 -l -A host node.dev and tcp port 3000
Results: E..j..@.@.Uy..............%.7=......._..... ..@h..w...+.....~..mQ_+;..B.^...............K.vm.+.O...ic.|w.+.:.tL..A..X{.o>.....9..#.x{E...D..jUZu...Q$.....uND..C....[. ..G.E....9.. .I'..5..*M6.9.t@.....v...0...(.}.........a4..PsKtb.e?.=. .......u..r._.e;.sGQ.VXq.>..;p...q.#B.....C.1......i.8......1Q...P;3...M....6klik.L../..FO.kRu(..#.iA...XC..].F..in.3..pT.l......-J.8.F.>'t.6..e.........$.v$.g. '...f$<.b..pe#HE.1w...7'...v..jam...cOR..........KGgb( W....e.t........7.%.._..a.........-..G.m.k...7lu.O.".F....V.u...... ..
10:38:38.444436 IP jas-laptop.3000 > localhost.59080: Flags [P.], seq 2488:2780, ack 5311, win 256, options [nop,nop,TS val 1898456 ecr 1898455], length 292`

However, when using the req.protocol it returns http when the expected output should be https per the documentation
@jonathanong
Copy link
Member

can you send us the entire request header?

@jas-
Copy link
Author

jas- commented Dec 18, 2013

Sure, I should have included this first....

{ _readableState: 
   { highWaterMark: 16384,
     buffer: [],
     length: 0,
     pipes: null,
     pipesCount: 0,
     flowing: null,
     ended: true,
     endEmitted: false,
     reading: false,
     sync: true,
     needReadable: false,
     emittedReadable: true,
     readableListening: false,
     objectMode: false,
     defaultEncoding: 'utf8',
     ranOut: false,
     awaitDrain: 0,
     readingMore: false,
     decoder: null,
     encoding: null },
  readable: true,
  domain: null,
  _events: { close: [Function] },
  _maxListeners: undefined,
  socket: 
   { _connecting: false,
     _hadError: false,
     _handle: 
      { fd: 12,
        writeQueueSize: 1,
        owner: [Circular],
        onread: [Function: onread],
        reading: true },
     _host: null,
     _readableState: 
      { highWaterMark: 16384,
        buffer: [],
        length: 0,
        pipes: null,
        pipesCount: 0,
        flowing: true,
        ended: false,
        endEmitted: false,
        reading: true,
        sync: false,
        needReadable: true,
        emittedReadable: false,
        readableListening: false,
        objectMode: false,
        defaultEncoding: 'utf8',
        ranOut: false,
        awaitDrain: 0,
        readingMore: false,
        decoder: null,
        encoding: null,
        resumeScheduled: false },
     readable: true,
     domain: null,
     _events: 
      { end: [Object],
        finish: [Function: onSocketFinish],
        _socketEnd: [Function: onSocketEnd],
        secure: [Function],
        _tlsError: [Function],
        drain: [Object],
        timeout: [Function],
        error: [Function: socketOnError],
        close: [Object],
        data: [Function: socketOnData] },
     _maxListeners: undefined,
     _writableState: 
      { highWaterMark: 16384,
        objectMode: false,
        needDrain: false,
        ending: false,
        ended: false,
        finished: false,
        decodeStrings: false,
        defaultEncoding: 'utf8',
        length: 0,
        writing: false,
        corked: 0,
        sync: true,
        bufferProcessing: false,
        onwrite: [Function],
        writecb: null,
        writelen: 0,
        buffer: [],
        pendingcb: 0,
        prefinished: false },
     writable: true,
     allowHalfOpen: false,
     destroyed: false,
     errorEmitted: false,
     bytesRead: 443,
     _bytesDispatched: 0,
     _pendingData: null,
     _pendingEncoding: '',
     _tlsOptions: 
      { credentials: [Object],
        isServer: true,
        server: [Object],
        requestCert: true,
        rejectUnauthorized: false,
        handshakeTimeout: 120000,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        SNICallback: [Function: SNICallback] },
     _secureEstablished: true,
     _controlReleased: true,
     _SNICallback: null,
     ssl: 
      { onhandshakestart: [Function],
        onhandshakedone: [Function],
        onclienthello: [Function],
        onnewsession: [Function],
        lastHandshakeTime: 26926358,
        handshakes: 0,
        onerror: [Function] },
     servername: 'node.dev',
     npnProtocol: 'http/1.1',
     authorized: false,
     authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
     server: 
      { _contexts: [],
        requestCert: true,
        rejectUnauthorized: false,
        key: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 70 41 49 42 41 41 4b 43 41 51 45 41 70 7a ... >,
        passphrase: 'password',
        cert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 44 33 6a 43 43 41 73 59 43 43 51 44 37 2b 50 4b 69 48 44 ... >,
        ciphers: 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
        secureOptions: 4194304,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        sessionIdContext: 'd41d8cd98f00b204e9800998ecf8427e',
        _sharedCreds: [Object],
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _connections: 2,
        connections: [Getter/Setter],
        _handle: [Object],
        _usingSlaves: false,
        _slaves: [],
        allowHalfOpen: false,
        httpAllowHalfOpen: false,
        timeout: 120000,
        _connectionKey: '4:0.0.0.0:3000' },
     _requestCert: true,
     _rejectUnauthorized: false,
     _idleTimeout: 120000,
     _idleNext: 
      { _connecting: false,
        _hadError: false,
        _handle: [Object],
        _host: null,
        _readableState: [Object],
        readable: true,
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _writableState: [Object],
        writable: true,
        allowHalfOpen: false,
        destroyed: false,
        errorEmitted: false,
        bytesRead: 0,
        _bytesDispatched: 0,
        _pendingData: null,
        _pendingEncoding: '',
        _tlsOptions: [Object],
        _secureEstablished: true,
        _controlReleased: true,
        _SNICallback: null,
        ssl: [Object],
        servername: 'node.dev',
        npnProtocol: 'http/1.1',
        authorized: false,
        authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
        server: [Object],
        _requestCert: true,
        _rejectUnauthorized: false,
        _idleTimeout: 120000,
        _idleNext: [Object],
        _idlePrev: [Circular],
        _idleStart: 26926344,
        parser: [Object],
        _paused: false,
        read: [Function],
        _consuming: true },
     _idlePrev: { _idleNext: [Circular], _idlePrev: [Object] },
     _idleStart: 26926393,
     parser: 
      { '0': [Function: parserOnHeaders],
        '1': [Function: parserOnHeadersComplete],
        '2': [Function: parserOnBody],
        '3': [Function: parserOnMessageComplete],
        _headers: [],
        _url: '',
        socket: [Circular],
        incoming: [Circular],
        maxHeaderPairs: 2000,
        onIncoming: [Function: parserOnIncoming] },
     _paused: false,
     read: [Function],
     _consuming: true,
     _httpMessage: 
      { domain: null,
        _events: [Object],
        _maxListeners: undefined,
        output: [],
        outputEncodings: [],
        outputCallbacks: [],
        writable: true,
        _last: false,
        chunkedEncoding: false,
        shouldKeepAlive: true,
        useChunkedEncodingByDefault: true,
        sendDate: true,
        _removedHeader: {},
        _hasBody: true,
        _trailer: '',
        finished: false,
        _hangupClose: false,
        socket: [Circular],
        connection: [Circular],
        _headers: [Object],
        _headerNames: [Object],
        req: [Circular],
        locals: [Function: locals],
        end: [Function],
        write: [Function] },
     _peername: { address: '10.0.2.2', family: 'IPv4', port: 33329 } },
  connection: 
   { _connecting: false,
     _hadError: false,
     _handle: 
      { fd: 12,
        writeQueueSize: 1,
        owner: [Circular],
        onread: [Function: onread],
        reading: true },
     _host: null,
     _readableState: 
      { highWaterMark: 16384,
        buffer: [],
        length: 0,
        pipes: null,
        pipesCount: 0,
        flowing: true,
        ended: false,
        endEmitted: false,
        reading: true,
        sync: false,
        needReadable: true,
        emittedReadable: false,
        readableListening: false,
        objectMode: false,
        defaultEncoding: 'utf8',
        ranOut: false,
        awaitDrain: 0,
        readingMore: false,
        decoder: null,
        encoding: null,
        resumeScheduled: false },
     readable: true,
     domain: null,
     _events: 
      { end: [Object],
        finish: [Function: onSocketFinish],
        _socketEnd: [Function: onSocketEnd],
        secure: [Function],
        _tlsError: [Function],
        drain: [Object],
        timeout: [Function],
        error: [Function: socketOnError],
        close: [Object],
        data: [Function: socketOnData] },
     _maxListeners: undefined,
     _writableState: 
      { highWaterMark: 16384,
        objectMode: false,
        needDrain: false,
        ending: false,
        ended: false,
        finished: false,
        decodeStrings: false,
        defaultEncoding: 'utf8',
        length: 0,
        writing: false,
        corked: 0,
        sync: true,
        bufferProcessing: false,
        onwrite: [Function],
        writecb: null,
        writelen: 0,
        buffer: [],
        pendingcb: 0,
        prefinished: false },
     writable: true,
     allowHalfOpen: false,
     destroyed: false,
     errorEmitted: false,
     bytesRead: 443,
     _bytesDispatched: 0,
     _pendingData: null,
     _pendingEncoding: '',
     _tlsOptions: 
      { credentials: [Object],
        isServer: true,
        server: [Object],
        requestCert: true,
        rejectUnauthorized: false,
        handshakeTimeout: 120000,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        SNICallback: [Function: SNICallback] },
     _secureEstablished: true,
     _controlReleased: true,
     _SNICallback: null,
     ssl: 
      { onhandshakestart: [Function],
        onhandshakedone: [Function],
        onclienthello: [Function],
        onnewsession: [Function],
        lastHandshakeTime: 26926358,
        handshakes: 0,
        onerror: [Function] },
     servername: 'node.dev',
     npnProtocol: 'http/1.1',
     authorized: false,
     authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
     server: 
      { _contexts: [],
        requestCert: true,
        rejectUnauthorized: false,
        key: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 70 41 49 42 41 41 4b 43 41 51 45 41 70 7a ... >,
        passphrase: 'password',
        cert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 44 33 6a 43 43 41 73 59 43 43 51 44 37 2b 50 4b 69 48 44 ... >,
        ciphers: 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
        secureOptions: 4194304,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        sessionIdContext: 'd41d8cd98f00b204e9800998ecf8427e',
        _sharedCreds: [Object],
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _connections: 2,
        connections: [Getter/Setter],
        _handle: [Object],
        _usingSlaves: false,
        _slaves: [],
        allowHalfOpen: false,
        httpAllowHalfOpen: false,
        timeout: 120000,
        _connectionKey: '4:0.0.0.0:3000' },
     _requestCert: true,
     _rejectUnauthorized: false,
     _idleTimeout: 120000,
     _idleNext: 
      { _connecting: false,
        _hadError: false,
        _handle: [Object],
        _host: null,
        _readableState: [Object],
        readable: true,
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _writableState: [Object],
        writable: true,
        allowHalfOpen: false,
        destroyed: false,
        errorEmitted: false,
        bytesRead: 0,
        _bytesDispatched: 0,
        _pendingData: null,
        _pendingEncoding: '',
        _tlsOptions: [Object],
        _secureEstablished: true,
        _controlReleased: true,
        _SNICallback: null,
        ssl: [Object],
        servername: 'node.dev',
        npnProtocol: 'http/1.1',
        authorized: false,
        authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
        server: [Object],
        _requestCert: true,
        _rejectUnauthorized: false,
        _idleTimeout: 120000,
        _idleNext: [Object],
        _idlePrev: [Circular],
        _idleStart: 26926344,
        parser: [Object],
        _paused: false,
        read: [Function],
        _consuming: true },
     _idlePrev: { _idleNext: [Circular], _idlePrev: [Object] },
     _idleStart: 26926393,
     parser: 
      { '0': [Function: parserOnHeaders],
        '1': [Function: parserOnHeadersComplete],
        '2': [Function: parserOnBody],
        '3': [Function: parserOnMessageComplete],
        _headers: [],
        _url: '',
        socket: [Circular],
        incoming: [Circular],
        maxHeaderPairs: 2000,
        onIncoming: [Function: parserOnIncoming] },
     _paused: false,
     read: [Function],
     _consuming: true,
     _httpMessage: 
      { domain: null,
        _events: [Object],
        _maxListeners: undefined,
        output: [],
        outputEncodings: [],
        outputCallbacks: [],
        writable: true,
        _last: false,
        chunkedEncoding: false,
        shouldKeepAlive: true,
        useChunkedEncodingByDefault: true,
        sendDate: true,
        _removedHeader: {},
        _hasBody: true,
        _trailer: '',
        finished: false,
        _hangupClose: false,
        socket: [Circular],
        connection: [Circular],
        _headers: [Object],
        _headerNames: [Object],
        req: [Circular],
        locals: [Function: locals],
        end: [Function],
        write: [Function] },
     _peername: { address: '10.0.2.2', family: 'IPv4', port: 33329 } },
  httpVersion: '1.1',
  complete: true,
  headers: 
   { host: 'node.dev:3000',
     'user-agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0',
     accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
     'accept-language': 'en-US,en;q=0.5',
     'accept-encoding': 'gzip, deflate',
     cookie: 'connect.sid=s%3AQJuRhkHOBjeQZOh7aNnXRn7M.yC0PLHgZZjGR5xiyxdDA%2B1mBjRhQowFzPNdxBthdl7c',
     connection: 'keep-alive',
     'if-none-match': '"-1692303833"',
     'cache-control': 'max-age=0' },
  rawHeaders: 
   [ 'Host',
     'node.dev:3000',
     'User-Agent',
     'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0',
     'Accept',
     'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
     'Accept-Language',
     'en-US,en;q=0.5',
     'Accept-Encoding',
     'gzip, deflate',
     'Cookie',
     'connect.sid=s%3AQJuRhkHOBjeQZOh7aNnXRn7M.yC0PLHgZZjGR5xiyxdDA%2B1mBjRhQowFzPNdxBthdl7c',
     'Connection',
     'keep-alive',
     'If-None-Match',
     '"-1692303833"',
     'Cache-Control',
     'max-age=0' ],
  trailers: {},
  rawTrailers: [],
  _pendings: [],
  _pendingIndex: 0,
  url: '/',
  method: 'GET',
  statusCode: null,
  client: 
   { _connecting: false,
     _hadError: false,
     _handle: 
      { fd: 12,
        writeQueueSize: 1,
        owner: [Circular],
        onread: [Function: onread],
        reading: true },
     _host: null,
     _readableState: 
      { highWaterMark: 16384,
        buffer: [],
        length: 0,
        pipes: null,
        pipesCount: 0,
        flowing: true,
        ended: false,
        endEmitted: false,
        reading: true,
        sync: false,
        needReadable: true,
        emittedReadable: false,
        readableListening: false,
        objectMode: false,
        defaultEncoding: 'utf8',
        ranOut: false,
        awaitDrain: 0,
        readingMore: false,
        decoder: null,
        encoding: null,
        resumeScheduled: false },
     readable: true,
     domain: null,
     _events: 
      { end: [Object],
        finish: [Function: onSocketFinish],
        _socketEnd: [Function: onSocketEnd],
        secure: [Function],
        _tlsError: [Function],
        drain: [Object],
        timeout: [Function],
        error: [Function: socketOnError],
        close: [Object],
        data: [Function: socketOnData] },
     _maxListeners: undefined,
     _writableState: 
      { highWaterMark: 16384,
        objectMode: false,
        needDrain: false,
        ending: false,
        ended: false,
        finished: false,
        decodeStrings: false,
        defaultEncoding: 'utf8',
        length: 0,
        writing: false,
        corked: 0,
        sync: true,
        bufferProcessing: false,
        onwrite: [Function],
        writecb: null,
        writelen: 0,
        buffer: [],
        pendingcb: 0,
        prefinished: false },
     writable: true,
     allowHalfOpen: false,
     destroyed: false,
     errorEmitted: false,
     bytesRead: 443,
     _bytesDispatched: 0,
     _pendingData: null,
     _pendingEncoding: '',
     _tlsOptions: 
      { credentials: [Object],
        isServer: true,
        server: [Object],
        requestCert: true,
        rejectUnauthorized: false,
        handshakeTimeout: 120000,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        SNICallback: [Function: SNICallback] },
     _secureEstablished: true,
     _controlReleased: true,
     _SNICallback: null,
     ssl: 
      { onhandshakestart: [Function],
        onhandshakedone: [Function],
        onclienthello: [Function],
        onnewsession: [Function],
        lastHandshakeTime: 26926358,
        handshakes: 0,
        onerror: [Function] },
     servername: 'node.dev',
     npnProtocol: 'http/1.1',
     authorized: false,
     authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
     server: 
      { _contexts: [],
        requestCert: true,
        rejectUnauthorized: false,
        key: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 70 41 49 42 41 41 4b 43 41 51 45 41 70 7a ... >,
        passphrase: 'password',
        cert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 44 33 6a 43 43 41 73 59 43 43 51 44 37 2b 50 4b 69 48 44 ... >,
        ciphers: 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
        secureOptions: 4194304,
        NPNProtocols: <Buffer 08 68 74 74 70 2f 31 2e 31 08 68 74 74 70 2f 31 2e 30>,
        sessionIdContext: 'd41d8cd98f00b204e9800998ecf8427e',
        _sharedCreds: [Object],
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _connections: 2,
        connections: [Getter/Setter],
        _handle: [Object],
        _usingSlaves: false,
        _slaves: [],
        allowHalfOpen: false,
        httpAllowHalfOpen: false,
        timeout: 120000,
        _connectionKey: '4:0.0.0.0:3000' },
     _requestCert: true,
     _rejectUnauthorized: false,
     _idleTimeout: 120000,
     _idleNext: 
      { _connecting: false,
        _hadError: false,
        _handle: [Object],
        _host: null,
        _readableState: [Object],
        readable: true,
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _writableState: [Object],
        writable: true,
        allowHalfOpen: false,
        destroyed: false,
        errorEmitted: false,
        bytesRead: 0,
        _bytesDispatched: 0,
        _pendingData: null,
        _pendingEncoding: '',
        _tlsOptions: [Object],
        _secureEstablished: true,
        _controlReleased: true,
        _SNICallback: null,
        ssl: [Object],
        servername: 'node.dev',
        npnProtocol: 'http/1.1',
        authorized: false,
        authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
        server: [Object],
        _requestCert: true,
        _rejectUnauthorized: false,
        _idleTimeout: 120000,
        _idleNext: [Object],
        _idlePrev: [Circular],
        _idleStart: 26926344,
        parser: [Object],
        _paused: false,
        read: [Function],
        _consuming: true },
     _idlePrev: { _idleNext: [Circular], _idlePrev: [Object] },
     _idleStart: 26926393,
     parser: 
      { '0': [Function: parserOnHeaders],
        '1': [Function: parserOnHeadersComplete],
        '2': [Function: parserOnBody],
        '3': [Function: parserOnMessageComplete],
        _headers: [],
        _url: '',
        socket: [Circular],
        incoming: [Circular],
        maxHeaderPairs: 2000,
        onIncoming: [Function: parserOnIncoming] },
     _paused: false,
     read: [Function],
     _consuming: true,
     _httpMessage: 
      { domain: null,
        _events: [Object],
        _maxListeners: undefined,
        output: [],
        outputEncodings: [],
        outputCallbacks: [],
        writable: true,
        _last: false,
        chunkedEncoding: false,
        shouldKeepAlive: true,
        useChunkedEncodingByDefault: true,
        sendDate: true,
        _removedHeader: {},
        _hasBody: true,
        _trailer: '',
        finished: false,
        _hangupClose: false,
        socket: [Circular],
        connection: [Circular],
        _headers: [Object],
        _headerNames: [Object],
        req: [Circular],
        locals: [Function: locals],
        end: [Function],
        write: [Function] },
     _peername: { address: '10.0.2.2', family: 'IPv4', port: 33329 } },
  _consuming: false,
  _dumped: false,
  httpVersionMajor: 1,
  httpVersionMinor: 1,
  upgrade: false,
  originalUrl: '/',
  _parsedUrl: 
   { protocol: null,
     slashes: null,
     auth: null,
     host: null,
     port: null,
     hostname: null,
     hash: null,
     search: null,
     query: null,
     pathname: '/',
     path: '/',
     href: '/' },
  query: {},
  res: 
   { domain: null,
     _events: { prefinish: [Function: resOnFinish], header: [Function] },
     _maxListeners: undefined,
     output: [],
     outputEncodings: [],
     outputCallbacks: [],
     writable: true,
     _last: false,
     chunkedEncoding: false,
     shouldKeepAlive: true,
     useChunkedEncodingByDefault: true,
     sendDate: true,
     _removedHeader: {},
     _hasBody: true,
     _trailer: '',
     finished: false,
     _hangupClose: false,
     socket: 
      { _connecting: false,
        _hadError: false,
        _handle: [Object],
        _host: null,
        _readableState: [Object],
        readable: true,
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _writableState: [Object],
        writable: true,
        allowHalfOpen: false,
        destroyed: false,
        errorEmitted: false,
        bytesRead: 443,
        _bytesDispatched: 0,
        _pendingData: null,
        _pendingEncoding: '',
        _tlsOptions: [Object],
        _secureEstablished: true,
        _controlReleased: true,
        _SNICallback: null,
        ssl: [Object],
        servername: 'node.dev',
        npnProtocol: 'http/1.1',
        authorized: false,
        authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
        server: [Object],
        _requestCert: true,
        _rejectUnauthorized: false,
        _idleTimeout: 120000,
        _idleNext: [Object],
        _idlePrev: [Object],
        _idleStart: 26926393,
        parser: [Object],
        _paused: false,
        read: [Function],
        _consuming: true,
        _httpMessage: [Circular],
        _peername: [Object] },
     connection: 
      { _connecting: false,
        _hadError: false,
        _handle: [Object],
        _host: null,
        _readableState: [Object],
        readable: true,
        domain: null,
        _events: [Object],
        _maxListeners: undefined,
        _writableState: [Object],
        writable: true,
        allowHalfOpen: false,
        destroyed: false,
        errorEmitted: false,
        bytesRead: 443,
        _bytesDispatched: 0,
        _pendingData: null,
        _pendingEncoding: '',
        _tlsOptions: [Object],
        _secureEstablished: true,
        _controlReleased: true,
        _SNICallback: null,
        ssl: [Object],
        servername: 'node.dev',
        npnProtocol: 'http/1.1',
        authorized: false,
        authorizationError: 'UNABLE_TO_GET_ISSUER_CERT',
        server: [Object],
        _requestCert: true,
        _rejectUnauthorized: false,
        _idleTimeout: 120000,
        _idleNext: [Object],
        _idlePrev: [Object],
        _idleStart: 26926393,
        parser: [Object],
        _paused: false,
        read: [Function],
        _consuming: true,
        _httpMessage: [Circular],
        _peername: [Object] },
     _headers: { 'x-powered-by': 'Express', vary: 'Accept-Encoding' },
     _headerNames: { 'x-powered-by': 'X-Powered-By', vary: 'Vary' },
     req: [Circular],
     locals: [Function: locals],
     end: [Function],
     write: [Function] },
  next: [Function: next],
  _startTime: Wed Dec 18 2013 12:22:18 GMT-0700 (MST),
  secret: undefined,
  cookies: { 'connect.sid': 's:QJuRhkHOBjeQZOh7aNnXRn7M.yC0PLHgZZjGR5xiyxdDA+1mBjRhQowFzPNdxBthdl7c' },
  signedCookies: {},
  body: {},
  files: {},
  _route_index: 0,
  route: 
   { path: '/',
     method: 'get',
     callbacks: [ [Function: sessionHandler], [Function] ],
     keys: [],
     regexp: /^\/\/?$/i,
     params: [] },
  params: [] }

Here is the results from an openssl s_client -connect node:3000 command as well

CONNECTED(00000003)
depth=0 C = US, ST = Utah, L = Salt Lake City, O = University Of Utah, OU = Marriott Library, CN = node-dhcp-manager, emailAddress = jason.gerfen@utah.edu
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Utah, L = Salt Lake City, O = University Of Utah, OU = Marriott Library, CN = node-dhcp-manager, emailAddress = jason.gerfen@utah.edu
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Utah/L=Salt Lake City/O=University Of Utah/OU=Marriott Library/CN=node-dhcp-manager/emailAddress=jason.gerfen@utah.edu
   i:/C=US/ST=Utah/L=Salt Lake City/O=University Of Utah/OU=Marriott Library/CN=node-dhcp-manager/emailAddress=jason.gerfen@utah.edu
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID3jCCAsYCCQD7+PKiHDqzfTANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
VVMxDTALBgNVBAgMBFV0YWgxFzAVBgNVBAcMDlNhbHQgTGFrZSBDaXR5MRswGQYD
VQQKDBJVbml2ZXJzaXR5IE9mIFV0YWgxGTAXBgNVBAsMEE1hcnJpb3R0IExpYnJh
cnkxGjAYBgNVBAMMEW5vZGUtZGhjcC1tYW5hZ2VyMSUwIwYJKoZIhvcNAQkBFhZq
YXNvbi5nZXJmZW5AZ21haWwuY29tMB4XDTEzMTIxODEwNDEzOFoXDTE0MDExNzEw
NDEzOFowgbAxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMRcwFQYDVQQHDA5T
YWx0IExha2UgQ2l0eTEbMBkGA1UECgwSVW5pdmVyc2l0eSBPZiBVdGFoMRkwFwYD
VQQLDBBNYXJyaW90dCBMaWJyYXJ5MRowGAYDVQQDDBFub2RlLWRoY3AtbWFuYWdl
cjElMCMGCSqGSIb3DQEJARYWamFzb24uZ2VyZmVuQGdtYWlsLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKc8Daqszx6aUrXPzrDdnSCOc7SqQajX
HVHezSs80ghs984cmCo+0qPohApUz8T66XBuBRjn60KsJ4xA3jOFCAhqzMv2JVH2
kucc6W6ypyA9dRb4gRA9AL4WWnOo5klva/XKS/paIuAYNqOmd3TP+HCVEiWp9Bec
NJUExYwO4Tfv/UEDTu4wjPI7iJZKQje8Y9X/JXgthZ34iuogw4ItdKNfsb/Gzcpr
4PTRyjVWMuNjZvWM/5MWZsw3Hr8jjTuWsaelaEVxDzwWZhdo3gB6aLgAQZhZ2cdh
6Cg3/uTYQzRcILG0JimgEHNniKdjbz00eMiNoM81V4Zs+sZA1ndwhhsCAwEAATAN
BgkqhkiG9w0BAQUFAAOCAQEAYpt4umEj9GSa9GurfcDG8cEJhOz6y4FVEQ7nKl6x
RTT1MsyNrPqVEFNHlmipbrPVMOw+Eywrfej0plf/jowAL/IKl9+NU3nFSL8TWxaR
WqidooE5Z+qTMbqt1lVjP0u44mFDXFVxmTKQaeSMvY+S614i6hTLTW0QNiO9fTRG
SFf81yXuGoG8Zsn7XR9G3ZtrpQEPZj+PlSrzuJ1ge4YbDCuvuzrdnssHTmUV0eNe
dVoIpDdUbVrjOjlWjUezSf1k9UeMuvBcnSWPSy3tjnvZaK3R8AgikVSSTYUbAhH0
giSQoDsXpV/k6ArVosaAkPW64p5FLn87hVQXqKhde6Ll6g==
-----END CERTIFICATE-----
subject=/C=US/ST=Utah/L=Salt Lake City/O=University Of Utah/OU=Marriott Library/CN=node-dhcp-manager/emailAddress=jason.gerfen@utah.edu
issuer=/C=US/ST=Utah/L=Salt Lake City/O=University Of Utah/OU=Marriott Library/CN=node-dhcp-manager/emailAddress=jason.gerfen@utah.edu
---
No client certificate CA names sent
---
SSL handshake has read 1684 bytes and written 359 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : ECDHE-RSA-RC4-SHA
    Session-ID: 9F28AD9067E3249318F7AFD911F54F5F79A78CAB1CF826313109FE6F393F8C3B
    Session-ID-ctx: 
    Master-Key: 2890C05B41AA568571026CFF0EBC164366963A98F8183B21F4944F1DE0BD605F501FEE5CB3D8CA55EF0C364F4AB5E5D4
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 76 02 e2 20 8b e5 c2 c1-6f 48 f7 6a 02 7a 7b ef   v.. ....oH.j.z{.
    0010 - 13 01 46 6b 6c fa 0d 35-9d 5e fe b2 44 0c 37 96   ..Fkl..5.^..D.7.
    0020 - 97 8f 95 79 e4 b1 99 42-62 92 5a 19 fa 1b 37 87   ...y...Bb.Z...7.
    0030 - f0 29 9a 2a 0a 77 10 db-67 00 8a 37 f2 dd 9e c3   .).*.w..g..7....
    0040 - ea cc 4a 16 20 a2 46 15-60 8f 11 f8 42 14 18 19   ..J. .F.`...B...
    0050 - 77 01 66 6c f0 09 55 25-17 15 7e 63 3a 79 e5 3d   w.fl..U%..~c:y.=
    0060 - b0 92 d7 c9 52 af b9 b9-ab 3b 19 21 80 a5 0e 2d   ....R....;.!...-
    0070 - 97 38 3b 53 ab ce d4 47-9a c9 61 4b 2f 47 4d 29   .8;S...G..aK/GM)
    0080 - d1 c1 c0 28 53 ef df 36-c4 24 33 76 10 ed 63 95   ...(S..6.$3v..c.
    0090 - 24 2a 6d df 7e 96 a8 44-fe fc e8 a2 f4 ff ac b7   $*m.~..D........
    00a0 - c4 b3 93 0c 12 41 e3 b7-3c 83 70 07 c0 a2 56 b4   .....A..<.p...V.
    00b0 - 1c e0 38 f7 c0 68 eb 49-10 45 04 b0 f7 7a 34 59   ..8..h.I.E...z4Y

    Start Time: 1387394631
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---

@jonathanong
Copy link
Member

hmm not sure. can't really see anything in that request. it doesn't look like you're using a proxy, so we can rule that out.

it's also kind of out of the scope of express since there's so much more going on. can you ask this question on stack overflow?

@defunctzombie
Copy link
Contributor

I think we may need to revisit the check for whether a connection is encrypted:

https://github.com/visionmedia/express/blob/master/lib/request.js#L351

Can't say I am able to find anywhere in the node docs that indicate that is public api or even a thing anymore...

@jas-
Copy link
Author

jas- commented Dec 18, 2013

Yeah no proxy is involved, the following is in the request:

_parsedUrl: 
   { protocol: null,
     slashes: null,
     auth: null,
     host: null,
     port: null,
     hostname: null,
     hash: null,
     search: null,
     query: null,
     pathname: '/',
     path: '/',
     href: '/' }

Perhaps it is a connect issue as this is the module express is relying on

$ grep -R "_parsedUrl" .
./node_modules/connect/lib/utils.js:  var parsed = req._parsedUrl;
./node_modules/connect/lib/utils.js:    return req._parsedUrl = parse(req.url);

@dougwilson
Copy link
Contributor

req.protocol is derived from req.connection.encrypted. What is the value of req.connection.encrypted you are seeing on the server? Also, what is the version of node.js?

@jas-
Copy link
Author

jas- commented Dec 18, 2013

I am running v0.11.10-pre. req.connection.encrypted is returning undefined.

@defunctzombie
Copy link
Contributor

I don't think req.connection.encrypted is a thing anymore.. until I find out otherwise.

@dougwilson
Copy link
Contributor

@defunctzombie req.connection.encrypted was removed in node.js v0.11.3.

@defunctzombie
Copy link
Contributor

@dougwilson awesome!

@jas- we don't support unstable node yet :)

@defunctzombie
Copy link
Contributor

Issue #1864 will track the issue for node 0.12

@jas-
Copy link
Author

jas- commented Dec 18, 2013

Thanks! You perhaps have a good work around?

@defunctzombie
Copy link
Contributor

@jas- yes, use node 0.10 or serve behind a proxy like nginx

@dougwilson
Copy link
Contributor

@jas anything else may cause weird issues, because the development versions of node.js change things around all the time, which can cause subtle issues in applications not tested against them (like connect/express). Of course you can always monkey patch your stuff to work, but you'll either need to figure out some property in req.connection to use, or just set it to always be https since your program is only using a https server.

@jas-
Copy link
Author

jas- commented Dec 18, 2013

@dougwilson Yeah I was just looking at some additional properties within the req object that could be used such as the presence of the req.socket.ssl object but as you stated would be a monkey patch so I am moving back to the latest stable. (The v0.11* was from development on the SPKAC patch, just never reverted back, idiot mistake). Thanks again @defunctzombie & @dougwilson.

@tj
Copy link
Member

tj commented Dec 18, 2013

this is why hiding node's internals is a great idea haha. will have to update that for koa too

@jonathanong
Copy link
Member

I checked koa, it uses socket.encrypted. Neither is documented though, so I have no freaking idea what's going on

@jas-
Copy link
Author

jas- commented Dec 18, 2013

@visionmedia @jonathanong The above is a complete req object from within express using v0.11.10-pre. There doesn't seem to be a req.session object any longer but there does seem to be a req.ssl object.

Perhaps @trevnorris or @IsacS might have some more information as I couldn't find anything in the changelog but perhaps the git log might provide more information about the change. @dougwilson where did you find that change?

@jonathanong jonathanong mentioned this issue Dec 19, 2013
Closed
@dougwilson
Copy link
Contributor

@jas- there is no mention of this in the changelog because it is not a public API. The commit that changed it is nodejs/node-v0.x-archive@af80e7b

@jas-
Copy link
Author

jas- commented Dec 19, 2013

@dougwilson That was recent, I remember when that went in. Thanks.

@tj
Copy link
Member

tj commented Dec 19, 2013

we should definitely request something public if there is nothing reliable

@trevnorris
Copy link

we should definitely request something public if there is nothing reliable

Please do. If you find holes in the API that can't be implemented in user
land and prevent reliable implementation then give us a write up of what
you're looking for. Also, go ahead and tag them with my name.

@jonathanong
Copy link
Member

@trevnorris i opened up nodejs/node-v0.x-archive#6735

@tj
Copy link
Member

tj commented Dec 19, 2013

cool thanks @trevnorris

@Ran-Xing
Copy link

Ran-Xing commented Nov 1, 2023

It seems that http/https cannot be recognized now. The default is https?

  console.dir(req.secure);
  console.dir(req.protocol);

curl http://127.0.0.1:4000/

true
'https'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@tj @dougwilson @defunctzombie @trevnorris @jas- @jonathanong @Ran-Xing